author | Aleksey Sanin <aleksey@src.gnome.org> | 2003-10-05 08:15:53 +0000 |
---|---|---|
committer | Aleksey Sanin <aleksey@src.gnome.org> | 2003-10-05 08:15:53 +0000 |
commit | 61dee55205eb7c496538fd76865d8e8eee3840ff (patch) | |
tree | dfeb263f3f87528276835dbe29a4b23fbe5c98f5 /apps | |
parent | b5958dc39f7dd05eb7847da25b64492848a6a2e4 (diff) | |
implemented Visa 3D hack to process some URI attributes without
* include/xmlsec/transforms.h include/xmlsec/xmldsig.h
src/transforms.c src/xmldsig.c src/xpath.c apps/xmlsec.c
docs/faq.html: implemented Visa 3D hack to process some
URI attributes without XPath/XInclude engines
Diffstat (limited to 'apps')
-rw-r--r-- | apps/xmlsec.c | 161 |
1 files changed, 156 insertions, 5 deletions
diff --git a/apps/xmlsec.c b/apps/xmlsec.c index 9685e798..0fb7e719 100644 --- a/apps/xmlsec.c +++ b/apps/xmlsec.c @@ -506,6 +506,25 @@ static xmlSecAppCmdLineParam printXmlDebugParam = { NULL }; +static xmlSecAppCmdLineParam idAttrParam = { + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicXkmsCommon, + "--id-attr", + NULL, + "--id-attr[:<attr-name>] [<node-namespace-uri>:]<node-name>" + "\n\tadds attributes <attr-name> (default value \"id\") from all nodes" + "\n\twith<node-name> and namespace <node-namespace-uri> to the list of" + "\n\tknown ID attributes; this is a hack and if you can use DTD or schema" + "\n\tto declare ID attributes instead (see \"--dtd-file\" option)," + "\n\tI don't know what else might be broken in your application when" + "\n\tyou use this hack", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + + /**************************************************************** * * Common dsig params @@ -546,6 +565,7 @@ static xmlSecAppCmdLineParam storeSignaturesParam = { xmlSecAppCmdLineParamFlagNone, NULL }; + static xmlSecAppCmdLineParam enabledRefUrisParam = { xmlSecAppCmdLineTopicDSigCommon, "--enabled-reference-uris", @@ -559,6 +579,20 @@ static xmlSecAppCmdLineParam enabledRefUrisParam = { NULL }; +static xmlSecAppCmdLineParam enableVisa3DHackParam = { + xmlSecAppCmdLineTopicDSigCommon, + "--enable-visa3d-hack", + NULL, + "--enable-visa3d-hack" + "\n\tenables Visa3D protocol specific hack for URI attributes processing" + "\n\twhen we are trying not to use XPath/XPointer engine; this is a hack" + "\n\tand I don't know what else might be broken in your application when" + "\n\tyou use it (also check \"--id-attr\" option because you might need it)", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + #endif /* XMLSEC_NO_XMLDSIG */ /**************************************************************** 
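Review bot: The `--id-attr` help string in the first hunk (`idAttrParam`) is missing a space in `with<node-name>`, and its clause `if you can use DTD or schema to declare ID attributes instead (...)` never finishes. It also does not say what an omitted `<node-namespace-uri>` means. Judging by the matching code added at the end of this commit, a value without a namespace matches elements of that name in any namespace. That is worth stating, because the registered IDs decide which element an ID-based URI reference resolves to. Suggested wording: `"\n\twith <node-name> and namespace <node-namespace-uri> (any namespace if omitted) to the list of"` and `"\n\tknown ID attributes; this is a hack, prefer a DTD or schema"`.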
@@ -728,6 +762,7 @@ static xmlSecAppCmdLineParamPtr parameters[] = { &storeReferencesParam, &storeSignaturesParam, &enabledRefUrisParam, + &enableVisa3DHackParam, #endif /* XMLSEC_NO_XMLDSIG */ /* enc params */ @@ -746,6 +781,7 @@ static xmlSecAppCmdLineParamPtr parameters[] = { &nodeIdParam, &nodeNameParam, &nodeXPathParam, + &idAttrParam, /* Keys Manager params */ &enabledKeyDataParam, @@ -823,7 +859,7 @@ struct _xmlSecAppXmlData { static xmlSecAppXmlDataPtr xmlSecAppXmlDataCreate (const char* filename, const xmlChar* defStartNodeName, const xmlChar* defStartNodeNs); -static void xmlSecAppXmlDataDestroy (xmlSecAppXmlDataPtr data); +static void xmlSecAppXmlDataDestroy (xmlSecAppXmlDataPtr data); static xmlSecAppCommand xmlSecAppParseCommand (const char* cmd, @@ -872,6 +908,10 @@ static FILE* xmlSecAppOpenFile (const char* filename); static void xmlSecAppCloseFile (FILE* file); static int xmlSecAppWriteResult (xmlDocPtr doc, xmlSecBufferPtr buffer); +static int xmlSecAppAddIDAttr (xmlNodePtr cur, + const xmlChar* attr, + const xmlChar* node, + const xmlChar* nsHref); xmlSecKeysMngrPtr gKeysMngr = NULL; int repeats = 1; @@ -1097,16 +1137,17 @@ xmlSecAppSignFile(const char* filename) { if(filename == NULL) { return(-1); } - + if(xmlSecDSigCtxInitialize(&dsigCtx, gKeysMngr) < 0) { fprintf(stderr, "Error: dsig context initialization failed\n"); return(-1); } + if(xmlSecAppPrepareDSigCtx(&dsigCtx) < 0) { fprintf(stderr, "Error: dsig context preparation failed\n"); goto done; } - + /* parse template and select start node */ data = xmlSecAppXmlDataCreate(filename, xmlSecNodeSignature, xmlSecDSigNs); if(data == NULL) { @@ -1114,6 +1155,7 @@ xmlSecAppSignFile(const char* filename) { goto done; } + /* sign */ start_time = clock(); if(xmlSecDSigCtxSign(&dsigCtx, data->startNode) < 0) { 
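Review bot: The forward declaration of `xmlSecAppAddIDAttr` added in the `@@ -872` hunk names its parameters `cur, attr, node, nsHref`, while the definition at the end of the file uses `node, attrName, nodeName, nsHref`. In the prototype `node` is the element-name string, but in the definition it is the `xmlNodePtr`, which invites swapped arguments at a call site. Aligning the prototype removes that trap: `static int xmlSecAppAddIDAttr (xmlNodePtr node, const xmlChar* attrName, const xmlChar* nodeName, const xmlChar* nsHref);`.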
@@ -1171,7 +1213,7 @@ xmlSecAppVerifyFile(const char* filename) { /* parse template and select start node */ data = xmlSecAppXmlDataCreate(filename, xmlSecNodeSignature, xmlSecDSigNs); if(data == NULL) { - fprintf(stderr, "Error: failed to load template \"%s\"\n", filename); + fprintf(stderr, "Error: failed to load document \"%s\"\n", filename); goto done; } @@ -1406,6 +1448,9 @@ xmlSecAppPrepareDSigCtx(xmlSecDSigCtxPtr dsigCtx) { dsigCtx->flags |= XMLSEC_DSIG_FLAGS_STORE_SIGNATURE; print_debug = 1; } + if(xmlSecAppCmdLineParamIsSet(&enableVisa3DHackParam)) { + dsigCtx->flags |= XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK; + } if(xmlSecAppCmdLineParamGetStringList(&enabledRefUrisParam) != NULL) { dsigCtx->enabledReferenceUris = xmlSecAppGetUriType( @@ -1820,7 +1865,7 @@ xmlSecAppXkissServerValidate(const char* filename) { /* parse template and select start node */ data = xmlSecAppXmlDataCreate(filename, xmlSecNodeValidateRequest, xmlSecXkmsNs); if(data == NULL) { - fprintf(stderr, "Error: failed to load template \"%s\"\n", filename); + fprintf(stderr, "Error: failed to load document \"%s\"\n", filename); goto done; } @@ -2325,6 +2370,7 @@ xmlSecAppShutdown(void) { static xmlSecAppXmlDataPtr xmlSecAppXmlDataCreate(const char* filename, const xmlChar* defStartNodeName, const xmlChar* defStartNodeNs) { + xmlSecAppCmdLineValuePtr value; xmlSecAppXmlDataPtr data; xmlNodePtr cur = NULL; 
@@ -2367,6 +2413,51 @@ xmlSecAppXmlDataCreate(const char* filename, const xmlChar* defStartNodeName, co xmlValidateDtd(&ctx, data->doc, data->dtd); } + /* set ID attributes from command line */ + for(value = idAttrParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + idAttrParam.fullName); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } else { + xmlChar* attrName = (value->paramNameValue != NULL) ? BAD_CAST value->paramNameValue : BAD_CAST "id"; + xmlChar* nodeName; + xmlChar* nsHref; + xmlChar* buf; + + buf = xmlStrdup(BAD_CAST value->strValue); + if(buf == NULL) { + fprintf(stderr, "Error: failed to duplicate string \"%s\"\n", value->strValue); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + nodeName = (xmlChar*)strrchr((char*)buf, ':'); + if(nodeName != NULL) { + (*(nodeName++)) = '\0'; + nsHref = buf; + } else { + nodeName = buf; + nsHref = NULL; + } + + /* process children first because it does not matter much but does simplify code */ + cur = xmlSecGetNextElementNode(data->doc->children); + while(cur != NULL) { + if(xmlSecAppAddIDAttr(cur, attrName, nodeName, nsHref) < 0) { + fprintf(stderr, "Error: failed to add ID attribute \"%s\" for node \"%s\"\n", attrName, value->strValue); + xmlFree(buf); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + cur = xmlSecGetNextElementNode(cur->next); + } + + xmlFree(buf); + } + } + + /* now find the start node */ if(xmlSecAppCmdLineParamGetString(&nodeIdParam) != NULL) { xmlAttrPtr attr; 
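Review bot: The `--id-attr` value is split at the last `:` in the `else` branch without checking the two pieces. A value such as `ns:` (constructed example) leaves `nodeName` empty and `:name` leaves `nsHref` empty, and both are accepted, so they either register nothing or match in a way the user did not ask for. A guard right after the split, `if((*nodeName == '\0') || ((nsHref != NULL) && (*nsHref == '\0')))`, followed by the same error path as the NULL check, would turn a mistyped option into an immediate error. Without it the failure only shows up later as ID references that do not resolve. `attrName` could also be declared `const xmlChar*`, since it aliases command-line storage or the literal `"id"`. The enclosing function xmlSecAppXmlDataCreate starts and ends outside this hunk.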
@@ -2761,3 +2852,63 @@ xmlSecAppWriteResult(xmlDocPtr doc, xmlSecBufferPtr buffer) { return(0); } +static int +xmlSecAppAddIDAttr(xmlNodePtr node, const xmlChar* attrName, const xmlChar* nodeName, const xmlChar* nsHref) { + xmlAttrPtr attr, tmpAttr; + xmlNodePtr cur; + xmlChar* id; + + if((node == NULL) || (attrName == NULL) || (nodeName == NULL)) { + return(-1); + } + + /* process children first because it does not matter much but does simplify code */ + cur = xmlSecGetNextElementNode(node->children); + while(cur != NULL) { + if(xmlSecAppAddIDAttr(cur, attrName, nodeName, nsHref) < 0) { + return(-1); + } + cur = xmlSecGetNextElementNode(cur->next); + } + + /* node name must match */ + if(!xmlStrEqual(node->name, nodeName)) { + return(0); + } + + /* if nsHref is set then it also should match */ + if((nsHref != NULL) && (node->ns != NULL) && (!xmlStrEqual(nsHref, node->ns->href))) { + return(0); + } + + /* the attribute with name equal to attrName should exist */ + for(attr = node->properties; attr != NULL; attr = attr->next) { + if(xmlStrEqual(attr->name, attrName)) { + break; + } + } + if(attr == NULL) { + return(0); + } + + /* and this attr should have a value */ + id = xmlNodeListGetString(node->doc, attr->children, 1); + if(id == NULL) { + return(0); + } + + /* check that we don't have same ID already */ + tmpAttr = xmlGetID(node->doc, id); + if(tmpAttr == NULL) { + xmlAddID(NULL, node->doc, id, attr); + } else if(tmpAttr != attr) { + fprintf(stderr, "Error: duplicate ID attribute \"%s\"\n", id); + xmlFree(id); + return(-1); + } + xmlFree(id); + return(0); +} + + + |
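Review bot: The namespace test in `xmlSecAppAddIDAttr` rejects a node only when it has a namespace that differs from `nsHref`, so an element with no namespace (`node->ns == NULL`) passes even though a namespace was requested. These registrations decide which element an ID-based URI reference selects during signing and verification, so the match should be exact: `if((nsHref != NULL) && ((node->ns == NULL) || !xmlStrEqual(nsHref, node->ns->href))) { return(0); }`. The result of `xmlAddID` is also ignored. It returns NULL on failure, so `if(xmlAddID(NULL, node->doc, id, attr) == NULL) { xmlFree(id); return(-1); }` would stop a failed registration from being reported as success. The function recurses once per nesting level, so its depth is bounded only by what the parser accepted; a comment stating that assumption would help.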